From 8e6ec132dfc99621b5a0a0effed54a4d72ffdaec Mon Sep 17 00:00:00 2001 From: Louis Bompart Date: Tue, 15 Nov 2022 17:30:15 -0500 Subject: [PATCH 1/3] fix(cli): fix sha acquisiton for windows signing --- .github/workflows/build-binaries.yml | 5 ++-- scripts/get-commit-short-hash.mjs | 29 ++++++++++++------- .../get-release-artifact-and-commit-sha.mjs | 11 ++++--- scripts/oclifArtifactMatchers.mjs | 6 ++++ 4 files changed, 32 insertions(+), 19 deletions(-) create mode 100644 scripts/oclifArtifactMatchers.mjs diff --git a/.github/workflows/build-binaries.yml b/.github/workflows/build-binaries.yml index 2f0796aab3..b39b2b0895 100644 --- a/.github/workflows/build-binaries.yml +++ b/.github/workflows/build-binaries.yml @@ -40,8 +40,6 @@ jobs: run: npm i - name: Get tags run: node ./scripts/get-tags.mjs - - name: Get commit short hash - run: node ./scripts/get-commit-short-hash.mjs - name: Build run: npm run build - name: Create install kits @@ -51,6 +49,9 @@ jobs: working-directory: ./packages/cli/core if: ${{matrix.os == 'ubuntu-latest'}} run: ../../../node_modules/oclif/bin/run pack tarballs + - name: Get commit hash of binaries + run: node ../../../scripts/get-commit-short-hash.mjs + working-directory: ./packages/cli/core - name: Sign Executable working-directory: ./packages/cli/core if: ${{matrix.os == 'windows-latest'}} diff --git a/scripts/get-commit-short-hash.mjs b/scripts/get-commit-short-hash.mjs index 4f6aa9033a..186c5a67c9 100644 --- a/scripts/get-commit-short-hash.mjs +++ b/scripts/get-commit-short-hash.mjs @@ -1,14 +1,21 @@ import {exportVariable, setFailed} from '@actions/core'; -import {getSHA1fromRef} from '@coveo/semantic-monorepo-tools'; +import {readdirSync} from 'node:fs'; +import {join} from 'node:path'; +import {binariesMatcher} from './oclifArtifactMatchers.mjs'; -const getCommitShortHash = async () => - (await getSHA1fromRef('HEAD')).substring(0, 7); +// Should be executed at the root of the CLI workspace. +const pathToArtifacts = join('dist', process.platform); +const artifacts = readdirSync(pathToArtifacts, {withFileTypes: true}); +const someExe = artifacts.find( + (candidate) => candidate.isFile() && candidate.name.endsWith('.exe') +); -(async () => { - try { - const commitShortHash = await getCommitShortHash(); - exportVariable('commitSHA1', commitShortHash); - } catch (error) { - setFailed(error.message); - } -})(); +if (!binariesMatcher.exec(someExe.name)?.groups?.commitSHA) { + setFailed('Binary does not match'); +} +console.log(binariesMatcher.exec(someExe.name).groups.commitSHA); +exportVariable( + 'commitSHA1', + binariesMatcher.exec(someExe.name).groups.commitSHA +); +``; diff --git a/scripts/get-release-artifact-and-commit-sha.mjs b/scripts/get-release-artifact-and-commit-sha.mjs index 2eca0cdbd8..40e503e7f6 100644 --- a/scripts/get-release-artifact-and-commit-sha.mjs +++ b/scripts/get-release-artifact-and-commit-sha.mjs @@ -7,6 +7,11 @@ import {mkdirSync, writeFileSync, readdirSync, copyFileSync} from 'fs'; import {resolve, join} from 'path'; import {execSync} from 'node:child_process'; import {spawnSync} from 'child_process'; +import { + binariesMatcher, + manifestMatcher, + tarballMatcher, +} from './oclifArtifactMatchers.mjs'; async function main() { const release = await getLastCliRelease(); @@ -17,12 +22,6 @@ async function main() { const getSubDirectoryForTarball = ({version, commitSHA}) => join(topLevelDirectory, 'versions', version, commitSHA); const subDirectoryForManifest = join(topLevelDirectory, 'channels', 'stable'); - const binariesMatcher = - /^coveo[_-]{1}(?v?\d+\.\d+\.\d+(-\d+)?)[_.-]{1}(?\w+)[_-]?(\d+_)?(?.*\.(exe|deb|pkg))$/; - const manifestMatcher = - /^coveo-(?v?\d+\.\d+\.\d+(-\d+)?)-(?\w+)-(?.*-buildmanifest)$/; - const tarballMatcher = - /^coveo-v?(?\d+\.\d+\.\d+(-\d+)?)-(?\w+)-(?[\w-]+).tar\.[gx]z$/; const determineAssetLocation = (assetName) => { if (assetName.match(tarballMatcher)) { diff --git a/scripts/oclifArtifactMatchers.mjs b/scripts/oclifArtifactMatchers.mjs new file mode 100644 index 0000000000..a2b9ec0b62 --- /dev/null +++ b/scripts/oclifArtifactMatchers.mjs @@ -0,0 +1,6 @@ +export const binariesMatcher = + /^coveo[_-]{1}(?v?\d+\.\d+\.\d+(-\d+)?)[_.-]{1}(?\w+)[_-]?(\d+_)?(?.*\.(exe|deb|pkg))$/; +export const manifestMatcher = + /^coveo-(?v?\d+\.\d+\.\d+(-\d+)?)-(?\w+)-(?.*-buildmanifest)$/; +export const tarballMatcher = + /^coveo-v?(?\d+\.\d+\.\d+(-\d+)?)-(?\w+)-(?[\w-]+).tar\.[gx]z$/; From d04ebedbd6f6a13371d2b4ec8fdc30c6b669bb2f Mon Sep 17 00:00:00 2001 From: Louis Bompart Date: Tue, 15 Nov 2022 17:54:20 -0500 Subject: [PATCH 2/3] Update scripts/get-commit-short-hash.mjs --- scripts/get-commit-short-hash.mjs | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/get-commit-short-hash.mjs b/scripts/get-commit-short-hash.mjs index 186c5a67c9..4337e00e5a 100644 --- a/scripts/get-commit-short-hash.mjs +++ b/scripts/get-commit-short-hash.mjs @@ -13,7 +13,6 @@ const someExe = artifacts.find( if (!binariesMatcher.exec(someExe.name)?.groups?.commitSHA) { setFailed('Binary does not match'); } -console.log(binariesMatcher.exec(someExe.name).groups.commitSHA); exportVariable( 'commitSHA1', binariesMatcher.exec(someExe.name).groups.commitSHA From 830036e3c4e4d291d7629b11acbcf4d65970a93b Mon Sep 17 00:00:00 2001 From: Louis Bompart Date: Tue, 15 Nov 2022 17:54:50 -0500 Subject: [PATCH 3/3] Apply suggestions from code review --- scripts/get-commit-short-hash.mjs | 1 - 1 file changed, 1 deletion(-) diff --git a/scripts/get-commit-short-hash.mjs b/scripts/get-commit-short-hash.mjs index 4337e00e5a..92f51831f8 100644 --- a/scripts/get-commit-short-hash.mjs +++ b/scripts/get-commit-short-hash.mjs @@ -17,4 +17,3 @@ exportVariable( 'commitSHA1', binariesMatcher.exec(someExe.name).groups.commitSHA ); -``;